[Docs] [txt|pdf|xml|html] [Tracker] [Email] [Nits]
Versions: 00
Network Working Group J. Abley
Internet-Draft Afilias Canada
Intended status: BCP June 27, 2008
Expires: December 29, 2008
Indicating Non-Availability of Dynamic Updates in the DNS
draft-jabley-dnsop-missing-mname-00
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on December 29, 2008.
Abstract
The Start of Authority (SOA) Resource Record (RR) in the Domain Name
System (DNS) specifies various parameters related to the handling of
data in DNS zones. These parameters are variously used by authority-
only servers, caching resolvers and DNS clients to guide them in the
way that data contained within particular zones should be used.
One particular field in the SOA RR is known as MNAME, which is used
to specify the "Primary Master" server for a zone. This is the
server to which Dynamic Updates are sent by clients. Many zones do
not accept updates using the Dynamic Update mechanism, and any such
DNS UPDATE messages which are received provide no usual purpose. For
such zones it may be preferable not to receive updates from clients
Abley Expires December 29, 2008 [Page 1]
Internet-Draft Non-Availability of Dynamic Updates June 2008
at all.
This document proposes a convention by which a zone operator can
signal to clients that a particular zone does not accept Dynamic
Updates.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Use of the MNAME Field . . . . . . . . . . . . . . . . . . . . 3
3. Operations . . . . . . . . . . . . . . . . . . . . . . . . . . 4
4. Impact on DNS NOTIFY . . . . . . . . . . . . . . . . . . . . . 4
5. Impact on DNS UPDATE . . . . . . . . . . . . . . . . . . . . . 4
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 5
7. Security Considerations . . . . . . . . . . . . . . . . . . . . 5
8. Normative References . . . . . . . . . . . . . . . . . . . . . 5
Appendix A. Change History . . . . . . . . . . . . . . . . . . . . 5
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 5
Intellectual Property and Copyright Statements . . . . . . . . . . 7
Abley Expires December 29, 2008 [Page 2]
Internet-Draft Non-Availability of Dynamic Updates June 2008
1. Introduction
[RFC2136] specifies a mechanism for clients to update zones in the
DNS dynamically. This mechanism is widely-deployed by many end-
station operating systems, where it is used (for example) to update
DNS records in response to a local change of IP address.
Many zones, however, do not accept dynamic updates from clients as a
matter of policy. For such zones, specifying a DNS server name in
the MNAME field of an SOA record has no benefit, and in fact may well
cause unwanted traffic (DNS UPDATE messages) to be received by the
named server.
This document proposes a convention by which a zone operator can
signal to clients that a particular zone does not accept Dynamic
Updates.
2. Use of the MNAME Field
The Start of Authority (SOA) Resource Record (RR) is defined in
[RFC1035]. The MNAME field of the SOA RDATA is defined in that
document as "The <domain-name> of the name server that was the
original or primary source of data for this zone."
[RFC1035] includes no specific guidance on the use of the MNAME
field, although the general tone in which SOA RDATA are discussed
suggests that its intended purpose was for the management of zone
transfers between authority-only servers. There are no
implementations of authority-only servers known to the author which
use the MNAME field to manage or perform zone transfers, however; for
bootstrapping reasons, commonly-deployed implementations require
master servers to be specified explicitly, usually by address rather
than name.
The MNAME field was subsequently referred to in [RFC1996], as part of
the definition of the term "Primary Master". The server specified in
the MNAME field was, by default, to be excluded from the set of
servers to which DNS NOTIFY messages would be sent.
In [RFC2136] the MNAME field was again used to provide a definition
for the term "Primary Master", in this case for the purpose of
identifying the server towards which dynamic updates for that zone
should be sent.
There have been no other references to the use of the MNAME in the
RFC series.
Abley Expires December 29, 2008 [Page 3]
Internet-Draft Non-Availability of Dynamic Updates June 2008
This document specifies a convention by which a zone operator may
include an empty MNAME field in order to deliberately specify that
there is no appropriate place for Dynamic Updates to be sent.
3. Operations
Zone administrators who do not wish to receive Dynamic Updates from
clients for a particular zone may specify an empty MNAME field in
that zone's SOA RDATA. The textual representation of an empty field
in the canonical representation of zone data is a single ".", as
illustrated in Figure 1.
@ 1800 IN SOA jabley.automagic.org. . (
20080622 ; serial
1800 ; refresh
900 ; retry
10800 ; expire
1800 ) ; negative cache TTL
Figure 1
Dynamic Update clients who identify the Primary Master server as the
recipient of DNS UPDATE messages from the MNAME field in SOA RDATA
should interpret an empty MNAME field as an indication that no
attempt to send a DNS UPDATE message should be made for the zone
containing the SOA record.
4. Impact on DNS NOTIFY
[RFC1996] specifies that the Primary Server, which is derived from
the MNAME field of the SOA RDATA, be excluded from the set of servers
to which NOTIFY messages should be sent.
For zones whose SOA record contains an MNAME field which corresponds
to a server listed in the apex NS set, making the MNAME field empty
might well cause additional NOTIFY traffic. If this is a concern,
the operators of the authority-only servers for the zone might choose
to specify an explicit notify list.
5. Impact on DNS UPDATE
The goal of the convention specified in this document is to prevent
Dynamic Update clients from sending DNS UPDATE messages for
particular zones. The use of an empty MNAME field is intended to
prevent a Dynamic Update client from finding a server to send DNS
Abley Expires December 29, 2008 [Page 4]
Internet-Draft Non-Availability of Dynamic Updates June 2008
UPDATE messages to.
6. IANA Considerations
This document makes no requests of the IANA.
7. Security Considerations
The convention described in this document provides no additional
security risks to DNS zone or server administrators.
Name servers which do not support Dynamic Updates for the zones they
host might experience a security benefit from reduced DNS UPDATE
traffic, the absence of that traffic provides additional headroom in
network bandwidth and server capacity for legitimate query types.
8. Normative References
[RFC1035] Mockapetris, P., "Domain names - implementation and
specification", STD 13, RFC 1035, November 1987.
[RFC1996] Vixie, P., "A Mechanism for Prompt Notification of Zone
Changes (DNS NOTIFY)", RFC 1996, August 1996.
[RFC2136] Vixie, P., Thomson, S., Rekhter, Y., and J. Bound,
"Dynamic Updates in the Domain Name System (DNS UPDATE)",
RFC 2136, April 1997.
Appendix A. Change History
This section to be removed prior to publication.
00 Initial draft, circulated as draft-jabley-dnsop-missing-mname-00.
Abley Expires December 29, 2008 [Page 5]
Internet-Draft Non-Availability of Dynamic Updates June 2008
Author's Address
Joe Abley
Afilias Canada Corp.
Suite 204, 4141 Yonge Street
Toronto, ON M2P 2A8
Canada
Phone: +1 416 673 4176
Email: jabley@ca.afilias.info
Abley Expires December 29, 2008 [Page 6]
Internet-Draft Non-Availability of Dynamic Updates June 2008
Full Copyright Statement
Copyright (C) The IETF Trust (2008).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Abley Expires December 29, 2008 [Page 7]
Html markup produced by rfcmarkup 1.129d, available from
https://tools.ietf.org/tools/rfcmarkup/